Resources
Identity Use Cases & Scenarios.- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- HighTechID.
- D3.1: Overview on IMS.
- D3.2: A study on PKI and biometrics.
- D3.3: Study on Mobile Identity Management.
- D3.5: Workshop on ID-Documents.
- D3.6: Study on ID Documents.
- D3.7: A Structured Collection on RFID Literature.
- D3.8: Study on protocols with respect to identity and identification – an insight on network protocols and privacy-aware communication.
- D3.9: Study on the Impact of Trusted Computing on Identity and Identity Management.
- D3.10: Biometrics in identity management.
- D3.11: Report on the Maintenance of the IMS Database.
- D3.15: Report on the Maintenance of the ISM Database.
- D3.17: Identity Management Systems – recent developments.
- D12.1: Integrated Workshop on Emerging AmI Technologies.
- D12.2: Study on Emerging AmI Technologies.
- D12.3: A Holistic Privacy Framework for RFID Applications.
- D12.4: Integrated Workshop on Emerging AmI.
- D12.5: Use cases and scenarios of emerging technologies.
- D12.6: A Study on ICT Implants.
- D12.7: Identity-related Crime in Europe – Big Problem or Big Hype?.
- D12.10: Normality Mining: Results from a Tracking Study.
- Privacy and legal-social content.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
D3.10: Biometrics in identity management
 |
Title: SECURITY AND PRIVACY ASPECTS OF BIOMETRICS |
 |
The debate about biometrics is most of the time framed in two ways which seem incompatible with each other. Some advocate the introduction of biometric applications for increasing security, for examples in air travel or at sea ports, and hereby accept that this is done at the cost of the privacy and the fundamental rights and freedoms of individuals (advocates of biometric applications for increasing security). Others reject the use of biometrics because of the risks for the infringement of privacy rights when using biometric applications in the name of (public) security (privacy advocates). Choosing or rejecting biometrics is herein presented as a choice between either security or privacy.
The debate about biometrics could also be held in another way: if the design, the development and the deployment of biometric applications takes the privacy risks into consideration, biometrics could be advanced as both enhancing security while conserving privacy. Iris scans, as an example of the biometric Type II access model, could be very useful in protecting high security installations, while the iris does not leave persistent traces and would only be required from a limited number of persons who have access to these restricted places. Some authors have already tried to argue that both concepts of ‘security’ and ‘privacy’ do not need to exclude one another. Biometric applications could enhance the security if all privacy threatening elements have been dealt with. Security and privacy are then no longer two different sides of the (biometric) story, but, if both concerns taken into account in equivalent ways, both will strengthen the biometric application. Biometric applications, however, become insecure if the privacy rights and risks are insufficiently dealt with. If the biometric characteristic that is used leaves traces, and can in the application easily be spoofed, the security obtained by the use of the biometric for that application decreases significantly, unless specific measures take this privacy risk into account and prevent such abuse. So the security of an application will equally decrease if privacy risks remain. The security of the application will remain high if privacy interests are equally dealt with.
This chapter will summarise the security and privacy risk aspects of biometrics.
| |
   |
|
| 15 / 40 |
